Threat Levels

Individual infections in our malware database are presented with a colored bar (), which is filled from left to right, depending on its level of threat.

Our MRC team assigns a threat level to an infection based on the following criteria:

Suspicious (): these are files recognized by the Heuristics Engine as highly suspicious because they are packed with the same run-time compression that is commonly used by malware, so they could be threats. Unless you know these files to be legitimate you should quarantine and remove them.

Info & PUAs (): these Potentially Unwanted Applications (PUAs) have some characteristics of malware, but possess no known risks to your system. Typical characteristics could include:

Displaying low-impact advertisements

Partially uninstalling

Applications which have been associated with adware or spyware in the past

Note: Threats of this type will not be blocked by IntelliGuard (Real Time) Protection. They will however be detected during a scan where the user will be given the option to leave them on the system. The user may also select not to have these threats detected in the scan by changing the general settings. (Include 'Information Only' low level Threats in scan results)

Low (): typical characteristics could include:

Installing components without informing the user

Returning non-sensitive data to other servers

Displaying nuisance adverts in pop-up windows

Medium (): these infections may cause inconvenience and may display misleading information. Typical characteristics could include:

Presenting the user with a misleading or incomplete End User License Agreement (EULA) during installation

Displaying aggressive advertising in multiple pop-up windows

Pretending to uninstall

Elevated (): these infections may interfere with the use of your system or may be capable of capturing low-risk data, for example sending web browsing habits to third-parties for targeted advertising. Typical characteristics could include:

No EULA displayed during installation

Displaying unsolicited advertising

Hijacking browser search pages

High (): these infections may override user control of your system or pose high security risks such as capturing high-risk data for example, bank account details or passwords for unsolicited third-party use. Typical characteristics could include:

On rare occasions, useful software may be categorized as malware, on the basis that it possesses characteristics which we define as malware. For this reason, when you conduct a scan with Spyware Doctor, it is recommended that you review all detected items on your system, before you decide to remove or quarantine them.

Malware is constantly changing and evolving, therefore infection threat levels may be updated without notice at any time.